GEANT /
CAT
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | public function divSilverbullet() { |
| 125 | 125 | $retval = " |
| 126 | 126 | <div id='silverbullet'>" |
| 127 | - .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 127 | + .$this->Gui->textTemplates->templates[user\SB_GO_AWAY]. |
|
| 128 | 128 | "</div> |
| 129 | 129 | "; |
| 130 | 130 | return $retval; |
@@ -222,7 +222,7 @@ discard block |
||
| 222 | 222 | <div id='profiles'> <!-- this is the profile selection filled during run time --> |
| 223 | 223 | <div id='profiles_h' class='sub_h'>".$this->Gui->textTemplates->templates[user\PROFILE_SELECTION]." |
| 224 | 224 | </div>" . |
| 225 | - "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>" . |
|
| 225 | + "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>". |
|
| 226 | 226 | "</div>"; |
| 227 | 227 | } |
| 228 | 228 | |
@@ -250,7 +250,7 @@ discard block |
||
| 250 | 250 | public function divInstitution($selectButton = TRUE) { |
| 251 | 251 | $retval = "<div id='institution_name'> |
| 252 | 252 | <span id='inst_name_span'></span> <div id='inst_extra_text'></div><!-- this will be filled with the IdP name -->" . |
| 253 | - ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : "") . |
|
| 253 | + ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : ""). |
|
| 254 | 254 | "</div>"; |
| 255 | 255 | $retval .= $this->emptyImage('idp_logo', 'IdP Logo'); |
| 256 | 256 | return $retval; |
@@ -112,7 +112,7 @@ discard block |
||
| 112 | 112 | */ |
| 113 | 113 | public function prefilledOptionTable(string $attributePrefix, $fed) |
| 114 | 114 | { |
| 115 | - $retval = "<table id='expandable_$attributePrefix" . "_options'>"; |
|
| 115 | + $retval = "<table id='expandable_$attributePrefix"."_options'>"; |
|
| 116 | 116 | |
| 117 | 117 | $prepopulate = []; |
| 118 | 118 | foreach ($this->listOfOptions as $existingAttribute) { |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | $prepopulate[] = $existingAttribute; |
| 121 | 121 | } |
| 122 | 122 | } |
| 123 | - if (is_array($prepopulate) && ( count($prepopulate) > 0 || $attributePrefix == "device-specific" || $attributePrefix == "eap-specific" )) { // editing... fill with values |
|
| 123 | + if (is_array($prepopulate) && (count($prepopulate) > 0 || $attributePrefix == "device-specific" || $attributePrefix == "eap-specific")) { // editing... fill with values |
|
| 124 | 124 | $retval .= $this->addOptionEdit($attributePrefix, $prepopulate); |
| 125 | 125 | } else { |
| 126 | 126 | $retval .= $this->addOptionNew($attributePrefix, $fed); |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | $optiontypearray = $optioninfo->optionType($option['name']); |
| 154 | 154 | $loggerInstance = new \core\common\Logging(); |
| 155 | 155 | $loggerInstance->debug(5, "About to execute optiontext with PREFILL!\n"); |
| 156 | - $retval .= $this->optiontext([$option['name']], ($optiontypearray["type"] == "file" ? 'ROWID-' . $option['level'] . '-' . $option['row'] : $option['value']), $option['lang']); |
|
| 156 | + $retval .= $this->optiontext([$option['name']], ($optiontypearray["type"] == "file" ? 'ROWID-'.$option['level'].'-'.$option['row'] : $option['value']), $option['lang']); |
|
| 157 | 157 | } |
| 158 | 158 | } |
| 159 | 159 | return $retval; |
@@ -252,18 +252,18 @@ discard block |
||
| 252 | 252 | } |
| 253 | 253 | $descriptions["media:force_proxy"] = sprintf(_("The format of this option is: IPv4|IPv6|hostname:port . Forcing your users through a content filter of your own is a significant invasion of user self-determination. It also has technical issues. Please throughly read the discussion at %s before specifying a proxy with this option. This feature is currently experimental and only has an effect in Apple installers."), "https://github.com/GEANT/CAT/issues/96"); |
| 254 | 254 | $descriptions["managedsp:realmforvlan"] = sprintf(_("If you are also using %s, then your own realm is automatically tagged with the VLAN you choose, there is no need to add it here manually."), \core\ProfileSilverbullet::PRODUCTNAME); |
| 255 | - $descriptions["media:openroaming"] = sprintf(_("By opting in to OpenRoaming, you agree to be bound by the %s."), "eduroam Ecosystem Broker OpenRoaming Identity Provider Policy") . |
|
| 256 | - " " . |
|
| 257 | - sprintf(_("Note that your requirement to inform users about the OpenRoaming End User Terms and Conditions is fulfilled when directing your end users to the %s download portal for installer download. Any other means of providing the installers needs to present this information via its own channel."), \config\Master::APPEARANCE['productname']) . |
|
| 258 | - " " . |
|
| 259 | - _("You are also aware that for best technical interoperability, you need to add a DNS entry into the DNS zone of your RADIUS realm.") . |
|
| 260 | - " " . |
|
| 255 | + $descriptions["media:openroaming"] = sprintf(_("By opting in to OpenRoaming, you agree to be bound by the %s."), "eduroam Ecosystem Broker OpenRoaming Identity Provider Policy"). |
|
| 256 | + " ". |
|
| 257 | + sprintf(_("Note that your requirement to inform users about the OpenRoaming End User Terms and Conditions is fulfilled when directing your end users to the %s download portal for installer download. Any other means of providing the installers needs to present this information via its own channel."), \config\Master::APPEARANCE['productname']). |
|
| 258 | + " ". |
|
| 259 | + _("You are also aware that for best technical interoperability, you need to add a DNS entry into the DNS zone of your RADIUS realm."). |
|
| 260 | + " ". |
|
| 261 | 261 | _("Read the instructions in the wiki."); |
| 262 | 262 | \core\common\Entity::outOfThePotatoes(); |
| 263 | 263 | if (!isset($descriptions[$input])) { |
| 264 | 264 | return ""; |
| 265 | 265 | } |
| 266 | - return "<span class='tooltip' id='S$rowid-tooltip-$input' style='display:" . ($isVisible ? "block" : "none") . "' onclick='alert(\"" . $descriptions[$input] . "\")'><img src='../resources/images/icons/question-mark-icon.png" . "'></span>"; |
|
| 266 | + return "<span class='tooltip' id='S$rowid-tooltip-$input' style='display:".($isVisible ? "block" : "none")."' onclick='alert(\"".$descriptions[$input]."\")'><img src='../resources/images/icons/question-mark-icon.png"."'></span>"; |
|
| 267 | 267 | } |
| 268 | 268 | |
| 269 | 269 | /** |
@@ -277,19 +277,19 @@ discard block |
||
| 277 | 277 | private function selectElement($rowid, $list) |
| 278 | 278 | { |
| 279 | 279 | $jsmagic = "onchange=' |
| 280 | - if (/#ML#/.test(document.getElementById(\"option-S" . $rowid . "-select\").value)) { |
|
| 280 | + if (/#ML#/.test(document.getElementById(\"option-S" . $rowid."-select\").value)) { |
|
| 281 | 281 | document.getElementById(\"S$rowid-input-langselect\").style.display = \"block\"; |
| 282 | 282 | } else { |
| 283 | 283 | document.getElementById(\"S$rowid-input-langselect\").style.display = \"none\"; |
| 284 | 284 | }"; |
| 285 | 285 | foreach (array_keys($this->htmlDatatypeTexts) as $key) { |
| 286 | - $jsmagic .= "if (/#" . $key . "#/.test(document.getElementById(\"option-S" . $rowid . "-select\").value)) { |
|
| 287 | - document.getElementById(\"S$rowid-input-file\").style.display = \"" . ($key == \core\Options::TYPECODE_FILE ? "block" : "none") . "\"; |
|
| 288 | - document.getElementById(\"S$rowid-input-text\").style.display = \"" . ($key == \core\Options::TYPECODE_TEXT ? "block" : "none") . "\"; |
|
| 289 | - document.getElementById(\"S$rowid-input-string\").style.display = \"" . ($key == \core\Options::TYPECODE_STRING ? "block" : "none") . "\"; |
|
| 290 | - document.getElementById(\"S$rowid-input-enum_openroaming\").style.display = \"" . ($key == \core\Options::TYPECODE_ENUM_OPENROAMING ? "block" : "none") . "\"; |
|
| 291 | - document.getElementById(\"S$rowid-input-boolean\").style.display = \"" . ($key == \core\Options::TYPECODE_BOOLEAN ? "block" : "none") . "\"; |
|
| 292 | - document.getElementById(\"S$rowid-input-integer\").style.display = \"" . ($key == \core\Options::TYPECODE_INTEGER ? "block" : "none") . "\"; |
|
| 286 | + $jsmagic .= "if (/#".$key."#/.test(document.getElementById(\"option-S".$rowid."-select\").value)) { |
|
| 287 | + document.getElementById(\"S$rowid-input-file\").style.display = \"".($key == \core\Options::TYPECODE_FILE ? "block" : "none")."\"; |
|
| 288 | + document.getElementById(\"S$rowid-input-text\").style.display = \"".($key == \core\Options::TYPECODE_TEXT ? "block" : "none")."\"; |
|
| 289 | + document.getElementById(\"S$rowid-input-string\").style.display = \"".($key == \core\Options::TYPECODE_STRING ? "block" : "none")."\"; |
|
| 290 | + document.getElementById(\"S$rowid-input-enum_openroaming\").style.display = \"".($key == \core\Options::TYPECODE_ENUM_OPENROAMING ? "block" : "none")."\"; |
|
| 291 | + document.getElementById(\"S$rowid-input-boolean\").style.display = \"".($key == \core\Options::TYPECODE_BOOLEAN ? "block" : "none")."\"; |
|
| 292 | + document.getElementById(\"S$rowid-input-integer\").style.display = \"".($key == \core\Options::TYPECODE_INTEGER ? "block" : "none")."\"; |
|
| 293 | 293 | } |
| 294 | 294 | "; |
| 295 | 295 | // hide all tooltips (each is a <span>, and there are no other <span>s) |
@@ -320,7 +320,7 @@ discard block |
||
| 320 | 320 | $value = array_shift($list); |
| 321 | 321 | $listtype = $optioninfo->optionType($value); |
| 322 | 322 | $retval .= $uiElements->displayName($value); |
| 323 | - $retval .= "<input type='hidden' name='option[S$rowid]' value='$value#" . $listtype["type"] . "#" . $listtype["flag"] . "#'/>"; |
|
| 323 | + $retval .= "<input type='hidden' name='option[S$rowid]' value='$value#".$listtype["type"]."#".$listtype["flag"]."#'/>"; |
|
| 324 | 324 | $activelisttype = $listtype; |
| 325 | 325 | $tooltips = $this->tooltip($rowid, $value, TRUE); |
| 326 | 326 | break; |
@@ -328,7 +328,7 @@ discard block |
||
| 328 | 328 | $retval .= "<select id='option-S$rowid-select' name='option[S$rowid]' $jsmagic>"; |
| 329 | 329 | foreach ($list as $value) { |
| 330 | 330 | $listtype = $optioninfo->optionType($value); |
| 331 | - $retval .= "<option id='option-S$rowid-v-$value' value='$value#" . $listtype["type"] . "#" . $listtype["flag"] . "#' "; |
|
| 331 | + $retval .= "<option id='option-S$rowid-v-$value' value='$value#".$listtype["type"]."#".$listtype["flag"]."#' "; |
|
| 332 | 332 | if ($iterator == $this->optionIterator) { |
| 333 | 333 | $retval .= "selected='selected'"; |
| 334 | 334 | $activelisttype = $listtype; |
@@ -336,7 +336,7 @@ discard block |
||
| 336 | 336 | } else { |
| 337 | 337 | $tooltips .= $this->tooltip($rowid, $value, FALSE); |
| 338 | 338 | } |
| 339 | - $retval .= ">" . $uiElements->displayName($value) . "</option>"; |
|
| 339 | + $retval .= ">".$uiElements->displayName($value)."</option>"; |
|
| 340 | 340 | $iterator++; |
| 341 | 341 | } |
| 342 | 342 | |
@@ -362,9 +362,9 @@ discard block |
||
| 362 | 362 | private function selectLanguage($rowid, $makeVisible) |
| 363 | 363 | { |
| 364 | 364 | \core\common\Entity::intoThePotatoes(); |
| 365 | - $retval = "<select style='display:" . ($makeVisible ? "block" : "none") . "' name='value[S$rowid-lang]' id='S" . $rowid . "-input-langselect'> |
|
| 366 | - <option value='' name='select_language' selected>" . _("select language") . "</option> |
|
| 367 | - <option value='C' name='all_languages'>" . _("default/other languages") . "</option>"; |
|
| 365 | + $retval = "<select style='display:".($makeVisible ? "block" : "none")."' name='value[S$rowid-lang]' id='S".$rowid."-input-langselect'> |
|
| 366 | + <option value='' name='select_language' selected>" . _("select language")."</option> |
|
| 367 | + <option value='C' name='all_languages'>" . _("default/other languages")."</option>"; |
|
| 368 | 368 | foreach (\config\Master::LANGUAGES as $langindex => $possibleLang) { |
| 369 | 369 | $thislang = $possibleLang['display']; |
| 370 | 370 | $retval .= "<option value='$langindex' name='$langindex'>$thislang</option>"; |
@@ -385,7 +385,7 @@ discard block |
||
| 385 | 385 | { |
| 386 | 386 | $retval = ""; |
| 387 | 387 | foreach ($this->htmlDatatypeTexts as $key => $type) { |
| 388 | - $retval .= "<" . $type['html'] . " style='display:" . ($activetype['type'] == $key ? "block" : "none") . "' name='value[S$rowid-$key]' id='S" . $rowid . "-input-" . $key . "'" . $type['tail'] . ">"; |
|
| 388 | + $retval .= "<".$type['html']." style='display:".($activetype['type'] == $key ? "block" : "none")."' name='value[S$rowid-$key]' id='S".$rowid."-input-".$key."'".$type['tail'].">"; |
|
| 389 | 389 | } |
| 390 | 390 | return $retval; |
| 391 | 391 | } |
@@ -401,11 +401,11 @@ discard block |
||
| 401 | 401 | { |
| 402 | 402 | // first column: the <select> element with the names of options and their field-toggling JS magic |
| 403 | 403 | $selectorInfo = $this->selectElement($rowid, $list); |
| 404 | - $retval = "<td>" . $selectorInfo["TEXT"] . "</td>"; |
|
| 404 | + $retval = "<td>".$selectorInfo["TEXT"]."</td>"; |
|
| 405 | 405 | // second column: the <select> element for language selection - only visible if the active option is multi-lang |
| 406 | - $retval .= "<td>" . $this->selectLanguage($rowid, $selectorInfo['ACTIVE']['flag'] == "ML") . "</td>"; |
|
| 406 | + $retval .= "<td>".$this->selectLanguage($rowid, $selectorInfo['ACTIVE']['flag'] == "ML")."</td>"; |
|
| 407 | 407 | // third column: the actual input fields; the data type of the active option is visible, all others hidden |
| 408 | - $retval .= "<td>" . $this->inputFields($rowid, $selectorInfo['ACTIVE']) . "</td>"; |
|
| 408 | + $retval .= "<td>".$this->inputFields($rowid, $selectorInfo['ACTIVE'])."</td>"; |
|
| 409 | 409 | return $retval; |
| 410 | 410 | } |
| 411 | 411 | |
@@ -429,20 +429,20 @@ discard block |
||
| 429 | 429 | $retval .= "<td>"; |
| 430 | 430 | $uiElements = new UIElements(); |
| 431 | 431 | $listtype = $optioninfo->optionType($optionName); |
| 432 | - $retval .= "<span style='display:flex;'>" . $uiElements->displayName($optionName); |
|
| 433 | - $retval .= $this->tooltip($rowid, $optionName, TRUE) . "</span>"; |
|
| 434 | - $retval .= "<input type='hidden' id='option-S$rowid-select' name='option[S$rowid]' value='$optionName#" . $listtype["type"] . "#" . $listtype["flag"] . "#' ></td>"; |
|
| 432 | + $retval .= "<span style='display:flex;'>".$uiElements->displayName($optionName); |
|
| 433 | + $retval .= $this->tooltip($rowid, $optionName, TRUE)."</span>"; |
|
| 434 | + $retval .= "<input type='hidden' id='option-S$rowid-select' name='option[S$rowid]' value='$optionName#".$listtype["type"]."#".$listtype["flag"]."#' ></td>"; |
|
| 435 | 435 | |
| 436 | 436 | // language tag if any |
| 437 | 437 | $retval .= "<td>"; |
| 438 | 438 | if ($listtype["flag"] == "ML") { |
| 439 | 439 | |
| 440 | - $language = "(" . strtoupper($optionLang) . ")"; |
|
| 440 | + $language = "(".strtoupper($optionLang).")"; |
|
| 441 | 441 | if ($optionLang == 'C') { |
| 442 | 442 | $language = _("(default/other languages)"); |
| 443 | 443 | } |
| 444 | 444 | $retval .= $language; |
| 445 | - $retval .= "<input type='hidden' name='value[S$rowid-lang]' id='S" . $rowid . "-input-langselect' value='" . $optionLang . "' style='display:block'>"; |
|
| 445 | + $retval .= "<input type='hidden' name='value[S$rowid-lang]' id='S".$rowid."-input-langselect' value='".$optionLang."' style='display:block'>"; |
|
| 446 | 446 | } |
| 447 | 447 | $retval .= "</td>"; |
| 448 | 448 | // attribute content |
@@ -452,12 +452,12 @@ discard block |
||
| 452 | 452 | case \core\Options::TYPECODE_COORDINATES: |
| 453 | 453 | $this->allLocationCount = $this->allLocationCount + 1; |
| 454 | 454 | // display of the locations varies by map provider |
| 455 | - $classname = "\web\lib\admin\Map" . \config\ConfAssistant::MAPPROVIDER['PROVIDER']; |
|
| 455 | + $classname = "\web\lib\admin\Map".\config\ConfAssistant::MAPPROVIDER['PROVIDER']; |
|
| 456 | 456 | $link = $classname::optionListDisplayCode($optionValue, $this->allLocationCount); |
| 457 | - $retval .= "<input readonly style='display:none' type='text' name='value[S$rowid-" . \core\Options::TYPECODE_TEXT . "]' id='S$rowid-input-text' value='$optionValue'>$link"; |
|
| 457 | + $retval .= "<input readonly style='display:none' type='text' name='value[S$rowid-".\core\Options::TYPECODE_TEXT."]' id='S$rowid-input-text' value='$optionValue'>$link"; |
|
| 458 | 458 | break; |
| 459 | 459 | case \core\Options::TYPECODE_FILE: |
| 460 | - $retval .= "<input readonly type='text' name='value[S$rowid-" . \core\Options::TYPECODE_STRING . "]' id='S" . $rowid . "-input-string' style='display:none' value='" . urlencode($optionValue) . "'>"; |
|
| 460 | + $retval .= "<input readonly type='text' name='value[S$rowid-".\core\Options::TYPECODE_STRING."]' id='S".$rowid."-input-string' style='display:none' value='".urlencode($optionValue)."'>"; |
|
| 461 | 461 | $uiElements = new UIElements(); |
| 462 | 462 | switch ($optionName) { |
| 463 | 463 | case "eap:ca_file": |
@@ -479,7 +479,7 @@ discard block |
||
| 479 | 479 | break; |
| 480 | 480 | case \core\Options::TYPECODE_ENUM_OPENROAMING: // is a string after all |
| 481 | 481 | $displayedVariant = $this->enumPrettyPrints[$optionValue]; |
| 482 | - $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-" . $listtype['type'] . "]' id='S" . $rowid . "-input-" . $listtype["type"] . "' value=\"" . htmlspecialchars($optionValue) . "\" style='display:block'>"; |
|
| 482 | + $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-".$listtype['type']."]' id='S".$rowid."-input-".$listtype["type"]."' value=\"".htmlspecialchars($optionValue)."\" style='display:block'>"; |
|
| 483 | 483 | break; |
| 484 | 484 | case \core\Options::TYPECODE_STRING: |
| 485 | 485 | // fall-thorugh is intentional; mostly identical HTML code for the three types |
@@ -487,11 +487,11 @@ discard block |
||
| 487 | 487 | // fall-thorugh is intentional; mostly identical HTML code for the three types |
| 488 | 488 | case \core\Options::TYPECODE_TEXT: |
| 489 | 489 | $displayedVariant = $optionValue; // for all three types, value tag and actual display are identical |
| 490 | - $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-" . $listtype['type'] . "]' id='S" . $rowid . "-input-" . $listtype["type"] . "' value=\"" . htmlspecialchars($optionValue) . "\" style='display:block'>"; |
|
| 490 | + $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-".$listtype['type']."]' id='S".$rowid."-input-".$listtype["type"]."' value=\"".htmlspecialchars($optionValue)."\" style='display:block'>"; |
|
| 491 | 491 | break; |
| 492 | 492 | case \core\Options::TYPECODE_BOOLEAN: |
| 493 | 493 | $displayedVariant = ($optionValue == "on" ? _("on") : _("off")); |
| 494 | - $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-" . $listtype['type'] . "]' id='S" . $rowid . "-input-" . $listtype["type"] . "' value=\"" . htmlspecialchars($optionValue) . "\" style='display:block'>"; |
|
| 494 | + $retval .= "<strong>$displayedVariant</strong><input type='hidden' name='value[S$rowid-".$listtype['type']."]' id='S".$rowid."-input-".$listtype["type"]."' value=\"".htmlspecialchars($optionValue)."\" style='display:block'>"; |
|
| 495 | 495 | break; |
| 496 | 496 | default: |
| 497 | 497 | // this should never happen! |
@@ -537,10 +537,10 @@ discard block |
||
| 537 | 537 | <td> |
| 538 | 538 | <button type='button' class='delete' onclick='"; |
| 539 | 539 | if ($prefillValue !== NULL && $item == "general:geo_coordinates") { |
| 540 | - $funcname = "Map" . \config\ConfAssistant::MAPPROVIDER['PROVIDER'] . 'DeleteCoord'; |
|
| 541 | - $retval .= 'if (typeof ' . $funcname . ' === "function") { ' . $funcname . '(' . $this->allLocationCount . '); } '; |
|
| 540 | + $funcname = "Map".\config\ConfAssistant::MAPPROVIDER['PROVIDER'].'DeleteCoord'; |
|
| 541 | + $retval .= 'if (typeof '.$funcname.' === "function") { '.$funcname.'('.$this->allLocationCount.'); } '; |
|
| 542 | 542 | } |
| 543 | - $retval .= 'deleteOption("option-S' . $rowid . '")'; |
|
| 543 | + $retval .= 'deleteOption("option-S'.$rowid.'")'; |
|
| 544 | 544 | $retval .= "'>-</button> |
| 545 | 545 | </td> |
| 546 | 546 | </tr>"; |
@@ -166,27 +166,27 @@ discard block |
||
| 166 | 166 | { |
| 167 | 167 | // it could match CN or sAN:DNS, we don't care which |
| 168 | 168 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) { |
| 169 | - $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against Subject: "); |
|
| 169 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against Subject: "); |
|
| 170 | 170 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['subject']); |
| 171 | 171 | // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate |
| 172 | - if (preg_match("/CN=" . $this->expectedName . "/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
|
| 172 | + if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
|
| 173 | 173 | return TRUE; |
| 174 | 174 | } |
| 175 | 175 | } |
| 176 | 176 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
| 177 | - $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against sANs: "); |
|
| 177 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: "); |
|
| 178 | 178 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']); |
| 179 | 179 | $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
| 180 | 180 | if (!is_array($testNames)) { |
| 181 | 181 | $testNames = [$testNames]; |
| 182 | 182 | } |
| 183 | 183 | foreach ($testNames as $oneName) { |
| 184 | - if (preg_match("/" . $this->expectedName . "/", $oneName) === 1) { |
|
| 184 | + if (preg_match("/".$this->expectedName."/", $oneName) === 1) { |
|
| 185 | 185 | return TRUE; |
| 186 | 186 | } |
| 187 | 187 | } |
| 188 | 188 | } |
| 189 | - $this->loggerInstance->debug(3, "Tried to check expected server name " . $this->expectedName . " but neither CN nor sANs matched."); |
|
| 189 | + $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
| 190 | 190 | |
| 191 | 191 | $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH; |
| 192 | 192 | return FALSE; |
@@ -216,7 +216,7 @@ discard block |
||
| 216 | 216 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status']; |
| 217 | 217 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']]; |
| 218 | 218 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected']; |
| 219 | - $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private']; |
|
| 219 | + $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private']; |
|
| 220 | 220 | if (!isset($this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k])) { |
| 221 | 221 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k] = []; |
| 222 | 222 | } |
@@ -261,11 +261,11 @@ discard block |
||
| 261 | 261 | // but code analysers want this more explicit, so here is this extra |
| 262 | 262 | // call to escapeshellarg() |
| 263 | 263 | $escapedHost = escapeshellarg($host); |
| 264 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -tls1 -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1\n"); |
|
| 264 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -tls1 -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1\n"); |
|
| 265 | 265 | $time_start = microtime(true); |
| 266 | 266 | $opensslbabble = []; |
| 267 | 267 | $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures |
| 268 | - exec(\config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -no_ssl3 -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result); |
|
| 268 | + exec(\config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -no_ssl3 -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result); |
|
| 269 | 269 | $time_stop = microtime(true); |
| 270 | 270 | $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000); |
| 271 | 271 | $testresults['returncode'] = $result; |
@@ -44,8 +44,8 @@ discard block |
||
| 44 | 44 | $operatingSystem = $Gui->detectOS(); |
| 45 | 45 | $Gui->loggerInstance->debug(4, $operatingSystem); |
| 46 | 46 | if ($operatingSystem) { |
| 47 | - print "recognisedOS = '".$operatingSystem['device'] . "';\n"; |
|
| 48 | - print "recognisedOShs20 = '".$operatingSystem['hs20'] . "';\n"; |
|
| 47 | + print "recognisedOS = '".$operatingSystem['device']."';\n"; |
|
| 48 | + print "recognisedOShs20 = '".$operatingSystem['hs20']."';\n"; |
|
| 49 | 49 | $vendorlogo = $Gui->skinObject->findResourceUrl("IMAGES", "vendorlogo/"); |
| 50 | 50 | if ($vendorlogo !== FALSE) { |
| 51 | 51 | print "vendorlogo = '$vendorlogo';\n"; |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | } |
| 55 | 55 | } |
| 56 | 56 | |
| 57 | -print 'downloadMessage = "'.$Gui->textTemplates->templates[\web\lib\user\DOWNLOAD_MESSAGE] . '";'; |
|
| 57 | +print 'downloadMessage = "'.$Gui->textTemplates->templates[\web\lib\user\DOWNLOAD_MESSAGE].'";'; |
|
| 58 | 58 | //TODO modify this based on OS detection |
| 59 | 59 | $userAgent = $_SERVER['HTTP_USER_AGENT'] ?? ""; |
| 60 | 60 | if (preg_match('/Android/', $userAgent)) { |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | <?php echo $divs->divHeading($visibility); ?> |
| 84 | 84 | <div id="main_page"> |
| 85 | 85 | <div id="loading_ico"> |
| 86 | - <?php echo _("Authenticating") . "..." ?><br><img src="<?php echo $Gui->skinObject->findResourceUrl("IMAGES", "icons/loading51.gif"); ?>" alt="Authenticating ..."/> |
|
| 86 | + <?php echo _("Authenticating")."..." ?><br><img src="<?php echo $Gui->skinObject->findResourceUrl("IMAGES", "icons/loading51.gif"); ?>" alt="Authenticating ..."/> |
|
| 87 | 87 | </div> |
| 88 | 88 | <div id="info_overlay"> <!-- device info --> |
| 89 | 89 | <div id="info_window"></div> |
@@ -115,12 +115,12 @@ discard block |
||
| 115 | 115 | $this->name = $this->languageInstance->getLocalisedValue($this->getAttributes('general:instname')); |
| 116 | 116 | $eligibility = $this->eligibility(); |
| 117 | 117 | if (in_array(IdP::ELIGIBILITY_IDP, $eligibility) && in_array(IdP::ELIGIBILITY_SP, $eligibility)) { |
| 118 | - $eligType = IdP::TYPE_IDPSP . ""; |
|
| 118 | + $eligType = IdP::TYPE_IDPSP.""; |
|
| 119 | 119 | $this->type = $eligType; |
| 120 | 120 | } elseif (in_array(IdP::ELIGIBILITY_IDP, $eligibility)) { |
| 121 | - $eligType = IdP::TYPE_IDP . ""; |
|
| 121 | + $eligType = IdP::TYPE_IDP.""; |
|
| 122 | 122 | } else { |
| 123 | - $eligType = IdP::TYPE_SP . ""; |
|
| 123 | + $eligType = IdP::TYPE_SP.""; |
|
| 124 | 124 | } |
| 125 | 125 | $this->type = $eligType; |
| 126 | 126 | $this->loggerInstance->debug(3, "--- END Constructing new IdP object ... ---\n"); |
@@ -134,7 +134,7 @@ discard block |
||
| 134 | 134 | */ |
| 135 | 135 | public function listProfiles(bool $activeOnly = FALSE) |
| 136 | 136 | { |
| 137 | - $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier" . ($activeOnly ? " AND showtime = 1" : ""); |
|
| 137 | + $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier".($activeOnly ? " AND showtime = 1" : ""); |
|
| 138 | 138 | $allProfiles = $this->databaseHandle->exec($query); |
| 139 | 139 | $returnarray = []; |
| 140 | 140 | // SELECT -> resource, not boolean |
@@ -144,7 +144,7 @@ discard block |
||
| 144 | 144 | $returnarray[] = $oneProfile; |
| 145 | 145 | } |
| 146 | 146 | |
| 147 | - $this->loggerInstance->debug(4, "listProfiles: " . /** @scrutinizer ignore-type */ print_r($returnarray, true)); |
|
| 147 | + $this->loggerInstance->debug(4, "listProfiles: "./** @scrutinizer ignore-type */ print_r($returnarray, true)); |
|
| 148 | 148 | return $returnarray; |
| 149 | 149 | } |
| 150 | 150 | |
@@ -156,7 +156,7 @@ discard block |
||
| 156 | 156 | */ |
| 157 | 157 | public function listDeployments(bool $activeOnly = FALSE) |
| 158 | 158 | { |
| 159 | - $query = "SELECT deployment_id FROM deployment WHERE inst_id = $this->identifier" . ($activeOnly ? " AND status = " . AbstractDeployment::ACTIVE : ""); |
|
| 159 | + $query = "SELECT deployment_id FROM deployment WHERE inst_id = $this->identifier".($activeOnly ? " AND status = ".AbstractDeployment::ACTIVE : ""); |
|
| 160 | 160 | $allDeployments = $this->databaseHandle->exec($query); |
| 161 | 161 | $returnarray = []; |
| 162 | 162 | // SELECT -> resource, not boolean |
@@ -164,7 +164,7 @@ discard block |
||
| 164 | 164 | $returnarray[] = new DeploymentManaged($this, $deploymentQuery->deployment_id); |
| 165 | 165 | } |
| 166 | 166 | |
| 167 | - $this->loggerInstance->debug(4, "listDeployments: " . /** @scrutinizer ignore-type */ print_r($returnarray, true)); |
|
| 167 | + $this->loggerInstance->debug(4, "listDeployments: "./** @scrutinizer ignore-type */ print_r($returnarray, true)); |
|
| 168 | 168 | return $returnarray; |
| 169 | 169 | } |
| 170 | 170 | |
@@ -197,7 +197,7 @@ discard block |
||
| 197 | 197 | $allProfiles = $this->databaseHandle->exec("SELECT MIN(openroaming) AS maxlevel FROM profile WHERE inst_id = $this->identifier"); |
| 198 | 198 | // SELECT yields a resource, not a boolean |
| 199 | 199 | while ($res = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allProfiles)) { |
| 200 | - return (is_numeric($res->maxlevel) ? (int)$res->maxlevel : AbstractProfile::OVERALL_OPENROAMING_LEVEL_NO ); // insts without profiles should get a "NO" |
|
| 200 | + return (is_numeric($res->maxlevel) ? (int) $res->maxlevel : AbstractProfile::OVERALL_OPENROAMING_LEVEL_NO); // insts without profiles should get a "NO" |
|
| 201 | 201 | } |
| 202 | 202 | return AbstractProfile::OVERALL_OPENROAMING_LEVEL_NO; |
| 203 | 203 | } |
@@ -331,7 +331,7 @@ discard block |
||
| 331 | 331 | case AbstractProfile::PROFILETYPE_SILVERBULLET: |
| 332 | 332 | $theProfile = new ProfileSilverbullet($identifier, $this); |
| 333 | 333 | $theProfile->addSupportedEapMethod(new \core\common\EAP(\core\common\EAP::EAPTYPE_SILVERBULLET), 1); |
| 334 | - $theProfile->setRealm($this->identifier . "-" . $theProfile->identifier . "." . strtolower($this->federation) . strtolower(\config\ConfAssistant::SILVERBULLET['realm_suffix'])); |
|
| 334 | + $theProfile->setRealm($this->identifier."-".$theProfile->identifier.".".strtolower($this->federation).strtolower(\config\ConfAssistant::SILVERBULLET['realm_suffix'])); |
|
| 335 | 335 | return $theProfile; |
| 336 | 336 | default: |
| 337 | 337 | throw new Exception("This type of profile is unknown and can not be added."); |
@@ -473,7 +473,7 @@ discard block |
||
| 473 | 473 | public function getExternalDBId() |
| 474 | 474 | { |
| 475 | 475 | if (\config\ConfAssistant::CONSORTIUM['name'] == "eduroam" && isset(\config\ConfAssistant::CONSORTIUM['deployment-voodoo']) && \config\ConfAssistant::CONSORTIUM['deployment-voodoo'] == "Operations Team") { // SW: APPROVED |
| 476 | - $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = " . self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 476 | + $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = ".self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 477 | 477 | // SELECT -> it's a resource, not a boolean |
| 478 | 478 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $idQuery) == 0) { |
| 479 | 479 | return FALSE; |
@@ -539,16 +539,16 @@ discard block |
||
| 539 | 539 | } |
| 540 | 540 | foreach ($baseline as $lang => $value) { |
| 541 | 541 | if (!key_exists($lang, $newvalues)) { |
| 542 | - $retval[IdP::INSTNAME_CHANGED] .= "#[Language " . strtoupper($lang) . "] DELETED"; |
|
| 542 | + $retval[IdP::INSTNAME_CHANGED] .= "#[Language ".strtoupper($lang)."] DELETED"; |
|
| 543 | 543 | } else { |
| 544 | 544 | if ($value != $newvalues[$lang]) { |
| 545 | - $retval[IdP::INSTNAME_CHANGED] .= "#[Language " . strtoupper($lang) . "] CHANGED from '" . $baseline[$lang] . "' to '" . $newvalues[$lang] . "'"; |
|
| 545 | + $retval[IdP::INSTNAME_CHANGED] .= "#[Language ".strtoupper($lang)."] CHANGED from '".$baseline[$lang]."' to '".$newvalues[$lang]."'"; |
|
| 546 | 546 | } |
| 547 | 547 | } |
| 548 | 548 | } |
| 549 | 549 | foreach ($newvalues as $lang => $value) { |
| 550 | 550 | if (!key_exists($lang, $baseline)) { |
| 551 | - $retval[IdP::INSTNAME_CHANGED] .= "#[Language " . strtoupper($lang) . "] ADDED as '" . $value . "'"; |
|
| 551 | + $retval[IdP::INSTNAME_CHANGED] .= "#[Language ".strtoupper($lang)."] ADDED as '".$value."'"; |
|
| 552 | 552 | } |
| 553 | 553 | } |
| 554 | 554 | return $retval; |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | $cryptoJson = openssl_encrypt($clearJson, 'AES-256-CBC', $encryptionKey, OPENSSL_RAW_DATA, $initVector); |
| 122 | 122 | $hmac = hash_hmac("sha1", $cryptoJson, $encryptionKey, TRUE); |
| 123 | 123 | |
| 124 | - $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = " . $password . "\nb(IV) = " . base64_encode($initVector) . "\nb(Cipher) = " . base64_encode($cryptoJson) . "\nb(HMAC) = " . base64_encode($hmac)); |
|
| 124 | + $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = ".$password."\nb(IV) = ".base64_encode($initVector)."\nb(Cipher) = ".base64_encode($cryptoJson)."\nb(HMAC) = ".base64_encode($hmac)); |
|
| 125 | 125 | |
| 126 | 126 | // now, generate the container that holds all the crypto data |
| 127 | 127 | $finalArray = [ |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | private function wiredBlock($eapdetails) |
| 196 | 196 | { |
| 197 | 197 | return [ |
| 198 | - "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet") . "}", |
|
| 198 | + "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet")."}", |
|
| 199 | 199 | "Name" => "eduroam configuration (wired network)", |
| 200 | 200 | "Remove" => false, |
| 201 | 201 | "Type" => "Ethernet", |
@@ -236,7 +236,7 @@ discard block |
||
| 236 | 236 | // if silverbullet, we deliver the client cert inline |
| 237 | 237 | |
| 238 | 238 | if ($selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 239 | - $eaparray['ClientCertRef'] = "[" . $this->clientCert['GUID'] . "]"; |
|
| 239 | + $eaparray['ClientCertRef'] = "[".$this->clientCert['GUID']."]"; |
|
| 240 | 240 | $eaparray['ClientCertType'] = "Ref"; |
| 241 | 241 | } |
| 242 | 242 | |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | $jsonArray = ["Type" => "UnencryptedConfiguration"]; |
| 272 | 272 | |
| 273 | 273 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
| 274 | - $caRefs[] = "{" . $ca['uuid'] . "}"; |
|
| 274 | + $caRefs[] = "{".$ca['uuid']."}"; |
|
| 275 | 275 | } |
| 276 | 276 | // define CA certificates |
| 277 | 277 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
@@ -281,15 +281,15 @@ discard block |
||
| 281 | 281 | if ($caSanitized1 === FALSE) { |
| 282 | 282 | throw new Exception("Error cropping PEM data at its BEGIN marker."); |
| 283 | 283 | } |
| 284 | - $this->loggerInstance->debug(4, $caSanitized1 . "\n"); |
|
| 284 | + $this->loggerInstance->debug(4, $caSanitized1."\n"); |
|
| 285 | 285 | // remove \n |
| 286 | 286 | $caSanitized = str_replace("\n", "", $caSanitized1); |
| 287 | - $jsonArray["Certificates"][] = ["GUID" => "{" . $ca['uuid'] . "}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | - $this->loggerInstance->debug(3, $caSanitized . "\n"); |
|
| 287 | + $jsonArray["Certificates"][] = ["GUID" => "{".$ca['uuid']."}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | + $this->loggerInstance->debug(3, $caSanitized."\n"); |
|
| 289 | 289 | } |
| 290 | 290 | // if we are doing silverbullet, include the unencrypted(!) P12 as a client certificate |
| 291 | 291 | if ($this->selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 292 | - $jsonArray["Certificates"][] = ["GUID" => "[" . $this->clientCert['GUID'] . "]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 292 | + $jsonArray["Certificates"][] = ["GUID" => "[".$this->clientCert['GUID']."]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 293 | 293 | } |
| 294 | 294 | $eaparray = $this->eapBlock($caRefs); |
| 295 | 295 | // define Wi-Fi networks |
@@ -312,7 +312,7 @@ discard block |
||
| 312 | 312 | |
| 313 | 313 | file_put_contents('installer_profile', $finalJson); |
| 314 | 314 | |
| 315 | - $fileName = $this->installerBasename . '.onc'; |
|
| 315 | + $fileName = $this->installerBasename.'.onc'; |
|
| 316 | 316 | |
| 317 | 317 | if (!$this->sign) { |
| 318 | 318 | rename("installer_profile", $fileName); |
@@ -323,7 +323,7 @@ discard block |
||
| 323 | 323 | // have the notion of signing |
| 324 | 324 | // but if they ever change their mind, we are prepared |
| 325 | 325 | |
| 326 | - $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
|
| 326 | + $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null"); |
|
| 327 | 327 | if ($outputFromSigning === FALSE) { |
| 328 | 328 | $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n"); |
| 329 | 329 | } |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | const DOWNLOAD_REDIRECT_CONTINUE = 1054; |
| 52 | 52 | const SB_GO_AWAY = 1060; |
| 53 | 53 | const SB_FRONTPAGE_BIGDOWNLOADBUTTON = 1061; |
| 54 | -const SB_FRONTPAGE_ROLLER_CUSTOMBUILT= 1062; |
|
| 54 | +const SB_FRONTPAGE_ROLLER_CUSTOMBUILT = 1062; |
|
| 55 | 55 | |
| 56 | 56 | |
| 57 | 57 | /** |
@@ -103,13 +103,13 @@ discard block |
||
| 103 | 103 | ]; |
| 104 | 104 | $this->templates[WELCOME_ABOARD_TERMS] = ""; |
| 105 | 105 | foreach ($this->templates[NETWORK_TERMS_AND_PRIV] as $consortium => $terms) { |
| 106 | - $this->templates[WELCOME_ABOARD_TERMS] .= sprintf("<p>" . _("Please remember that when connecting to %s hotspots, the following <a href='%s'>Terms and Conditions</a> and <a href='%s'>Privacy Notice</a> apply.") . "</p>", $consortium, $terms['TOU_LINK'], $terms['PRIV_LINK']); |
|
| 106 | + $this->templates[WELCOME_ABOARD_TERMS] .= sprintf("<p>"._("Please remember that when connecting to %s hotspots, the following <a href='%s'>Terms and Conditions</a> and <a href='%s'>Privacy Notice</a> apply.")."</p>", $consortium, $terms['TOU_LINK'], $terms['PRIV_LINK']); |
|
| 107 | 107 | } |
| 108 | 108 | // $this->templates[WELCOME_ABOARD_TERMS] .= "<p>"._("I agree to be bound by these Terms and Conditions.")."</p>"; |
| 109 | 109 | $this->templates[WELCOME_ABOARD_BACKTODOWNLOADS] = _("Back to downloads"); |
| 110 | 110 | $this->templates[EDUROAM_WELCOME_ADVERTISING] = sprintf(_("We would like to warmly welcome you among the several million users of %s! From now on, you will be able to use internet access resources on thousands of universities, research centres and other places all over the globe. All of this completely free of charge!"), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 111 | 111 | $this->templates[HEADING_TOPLEVEL_GREET] = sprintf(_("Welcome to %s"), \config\Master::APPEARANCE['productname']); |
| 112 | - $this->templates[HEADING_TOPLEVEL_PURPOSE] = sprintf(_("Connect your device to %s"),\config\ConfAssistant::CONSORTIUM['display_name']); |
|
| 112 | + $this->templates[HEADING_TOPLEVEL_PURPOSE] = sprintf(_("Connect your device to %s"), \config\ConfAssistant::CONSORTIUM['display_name']); |
|
| 113 | 113 | $this->templates[FRONTPAGE_ROLLER_EASY] = sprintf(_("%s installation made easy:"), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 114 | 114 | $this->templates[FRONTPAGE_ROLLER_CUSTOMBUILT] = _("Custom built for your organisation"); |
| 115 | 115 | $this->templates[FRONTPAGE_BIGDOWNLOADBUTTON] = sprintf(_("Click here to download your %s installer"), \config\ConfAssistant::CONSORTIUM['display_name'], \config\ConfAssistant::CONSORTIUM['display_name']); |
@@ -86,7 +86,7 @@ discard block |
||
| 86 | 86 | protected function setSupportedEapMethods($eapArray) |
| 87 | 87 | { |
| 88 | 88 | $this->supportedEapMethods = $eapArray; |
| 89 | - $this->loggerInstance->debug(4, "This device (" . __CLASS__ . ") supports the following EAP methods: "); |
|
| 89 | + $this->loggerInstance->debug(4, "This device (".__CLASS__.") supports the following EAP methods: "); |
|
| 90 | 90 | $this->loggerInstance->debug(4, $this->supportedEapMethods); |
| 91 | 91 | } |
| 92 | 92 | |
@@ -460,7 +460,7 @@ discard block |
||
| 460 | 460 | return $baseName.$inst.'-'.$prof; |
| 461 | 461 | } |
| 462 | 462 | } |
| 463 | - return $baseName . $inst; |
|
| 463 | + return $baseName.$inst; |
|
| 464 | 464 | } |
| 465 | 465 | |
| 466 | 466 | /** |
@@ -590,7 +590,7 @@ discard block |
||
| 590 | 590 | // only add network blocks if their respective condition is met in this profile |
| 591 | 591 | if ($netDetails['condition'] === TRUE || (isset($this->attributes[$netDetails['condition']]) && $this->attributes[$netDetails['condition']] === TRUE)) { |
| 592 | 592 | $networks[$netName] = $netDetails; |
| 593 | - $this->loggerInstance->debug(5,$netName, "\nAdding network: "); |
|
| 593 | + $this->loggerInstance->debug(5, $netName, "\nAdding network: "); |
|
| 594 | 594 | } |
| 595 | 595 | } |
| 596 | 596 | // add locally defined SSIDs |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -369,9 +369,9 @@ discard block |
||
| 369 | 369 | */ |
| 370 | 370 | public function soapToXmlInteger($x) |
| 371 | 371 | { |
| 372 | - return '<' . $x[0] . '>' |
|
| 372 | + return '<'.$x[0].'>' |
|
| 373 | 373 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 374 | - . '</' . $x[0] . '>'; |
|
| 374 | + . '</'.$x[0].'>'; |
|
| 375 | 375 | } |
| 376 | 376 | |
| 377 | 377 | /** |
@@ -390,9 +390,9 @@ discard block |
||
| 390 | 390 | // dump private key into directory |
| 391 | 391 | $outstring = ""; |
| 392 | 392 | openssl_pkey_export($privateKey, $outstring); |
| 393 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 393 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 394 | 394 | // PHP can only do one DC in the Subject. But we need three. |
| 395 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 395 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | 396 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 397 | 397 | $output = []; |
| 398 | 398 | $return = 999; |
